Right now NSS initialization fails if a previous NSS shutdown failed, but we do not set an error code and there is no appropriate error code for this error condition. We should add a new error code, say SEC_ERROR_ALREADY_INITIALIZED, and set this error code when one attempts to re-initialize NSS after a failed NSS shutdown.
Created attachment 111502 [details] [diff] [review] Proposed patch (incomplete) We still need the code to map CKR_CRYPTOKI_ALREADY_INITIALIZED to SEC_ERROR_ALREADY_INITIALIZED. CKR_CRYPTOKI_ALREADY_INITIALIZED may be set by the softoken (in lib/softoken/pkcs11.c:NSC_Initialize) if it was not shut down cleanly before. Bob, where is the right place to do this?
Status: NEW → ASSIGNED
Priority: -- → P2
Target Milestone: --- → 3.8
There's a function in pk11wrap called PK11_MapError(). There's a big switch table (or array depending on the compile options) which Maps CKR_ into SEC_ERROR. bob
Created attachment 111525 [details] [diff] [review] Proposed patch (also handles CKR_CRYPTOKI_ALREADY_INITIALIZED) Does this look right?
Attachment #111502 - Attachment is obsolete: true
Remove target milestone of 3.8, since these bugs didn't get into that release.
Target Milestone: 3.8 → ---
QA Contact: bishakhabanerjee → jason.m.reid
You need to log in before you can comment on or make changes to this bug.